CloudGuard Compliance Assessment and Reporting Tool for Multi-Cloud Environments

This GitHub repository features a Python script designed to interact with the Check Point CloudGuard API for multi-cloud compliance assessment and reporting. The script facilitates fetching, filtering, and documenting compliance assessments from CloudGuard for specified entities in AWS, Azure, Google Cloud, and Kubernetes environments.

Script Functionality

1. CLI Arguments Handling: The script accepts command-line arguments for authentication, cloud platform selection, account name, and entity names.
2. Dynamic Cloud Account and Platform Handling: Based on the provided platform and account name, the script fetches the relevant cloud account ID and organizational unit path.
3. Compliance Assessment Fetching:
   • Constructs payloads for CloudGuard API requests.
   • Retrieves the last compliance assessment results for the specified entities in the chosen cloud account.
4. Data Filtering and Processing:
   • Filters and organizes the fetched data based on the specified entity names.
   • Handles cases where entity names are not found in the compliance results.
5. Excel Report Generation:
   • Converts the processed data into a pandas DataFrame.
   • Exports the DataFrame to an Excel file, creating a comprehensive compliance report.

Key Features

• Multi-Cloud Compatibility: Supports compliance assessments across AWS, Azure, Google Cloud, and Kubernetes.
• Entity-Based Filtering: Allows for targeted compliance assessments of specific entities within the cloud environment.
• Automated Report Generation: Streamlines the process of generating detailed compliance reports in Excel format.

Usage Scenario

This script is ideal for cloud security professionals and compliance officers using Check Point CloudGuard. It simplifies the task of performing targeted compliance assessments and generating reports across multiple cloud platforms.

Prerequisites

• Python environment with pandas, openpyxl, requests, and argparse libraries.
• Check Point CloudGuard account with API access and necessary permissions.

Security and Best Practices

• Secure handling of CloudGuard API credentials, preferably using environment variables.
• Ensure secure storage and handling of the generated Excel report, as it contains sensitive compliance data.

---

This readme summary provides a detailed overview of the script's functionality and its application in generating targeted compliance reports using Check Point CloudGuard across multiple cloud platforms. It serves as a guide for CloudGuard users to efficiently utilize the script for enhancing their cloud compliance reporting and analysis.